I have error for SSL

I setuped my wordpress website and tried attaching SSL from cloudflare, but now after all I have an error called {err_SSL_PROTOCOL_ERROR}

please anyone help me to fix this

How did you attach the SSL from Cloudflare? Usually there is no need to ‘attach’ the SSL. Simply putting Cloudflare in front of your site and using the default built-in certificate proxying responses from your origin is enough.

If it complains that your origin has the wrong security settings for this, you can adjust the strictness of negotiation between CF and the Origin under the SSL/TLS tab in the Dashboard. For example, most cases can at least use ‘Flexible’ mode.

No offence, but please do not recommend modes which are universally discouraged and will put the site at risk. A site on Cloudflare needs “Full strict” and a proper certificate on the server itself.

@theunanify, your site needs to be working on HTTPS before you add it to Cloudflare.

Please don’t take my comments out of context. If they are using one of the many Wordpress hosts available, they will already have https: setup with a valid signed certificate and probably defaulted. In this case, Cloudflare can work with it, and no adjustment is required.

However, they are now getting an error from their origin and it doesn’t sound like they have the server administration experience to fix this. This is the case where my next comment applies:

If it complains that your origin has the wrong security settings for this, you can adjust the strictness of negotiation between CF and the Origin under the SSL/TLS tab in the Dashboard.

It is better that they use Flexible mode to encrypt traffic between their readers and the Cloudflare network, than not use Cloudflare at all. Just having a valid Client-Origin certificate setup mitigates most WiFi and hotspot based privacy issues/MITM attacks and the 80/20 rule applies according to their level of experience and the criticality of the website.

What is the likelihood that someone will perform a state-actor style big-pipe MITM attack against the OP? In all actual fact of reality, if their origin certificates are setup incorrectly and they’re asking here for help, there are probably other issues such as a world readable wp-config.php, exposed SSH or easily exploitable plugins. Let’s focus on helping the OP to fix what actually matters to them.

No it is not. No offence again, but we had this discussion way too many times and there is no need to go into details yet one more time. Please use the search if you are interested in more.

Bottom line

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.